Does fluXtore Funnel Builder have any unpatched vulnerabilities?

No. All known vulnerabilities in fluXtore Funnel Builder have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is fluXtore Funnel Builder compatible with WordPress 6.9.4?

According to WordPress.org data, fluXtore Funnel Builder 1.6.5 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is fluXtore Funnel Builder compatible with PHP 7.4+?

fluXtore Funnel Builder requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is fluXtore Funnel Builder updated?

fluXtore Funnel Builder was last updated on Jan 10, 2026. Frequent updates are generally a positive security signal.

What is fluXtore Funnel Builder's security score?

fluXtore Funnel Builder has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

fluXtore Funnel Builder Security & Risk Analysis

wordpress.org/plugins/fluxtore

Easily create highly converting sales funnels!

100 active installs v1.6.5 PHP 7.4+ WP 5.4+ Updated Jan 10, 2026

brickselementorfunnel-buildersales-funnelswoocommerce

A · Safe

CVEs total1

Unpatched0

Last CVEJul 4, 2025

Plugin page Download

Safety Verdict

Is fluXtore Funnel Builder Safe to Use in 2026?

Generally Safe

Score 99/100

fluXtore Funnel Builder has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Jul 4, 2025Updated 2mo ago

Risk Assessment

The fluxtore plugin v1.6.5 presents a mixed security posture. While it demonstrates good practices in areas like output escaping and prepared statement usage for SQL queries, significant concerns arise from its attack surface. A substantial portion of its AJAX handlers lack authentication checks, creating a direct path for unauthorized actions. The taint analysis further highlights critical risks with unsanitized paths, particularly in flows with high severity.

The vulnerability history, while showing no currently unpatched CVEs, reveals a past medium vulnerability attributed to missing authorization. This pattern, combined with the current finding of unprotected AJAX handlers, suggests a recurring issue with authorization controls in the plugin's development. The presence of the `unserialize` function is also a notable concern that could lead to deserialization vulnerabilities if user-supplied data is processed without proper validation.

In conclusion, fluxtore v1.6.5 has strengths in its general code quality regarding SQL and output handling. However, the significant number of unprotected AJAX endpoints and critical taint flows involving unsanitized paths represent serious security weaknesses that require immediate attention. The past vulnerability history reinforces the need for robust authorization checks.

Key Concerns

AJAX handlers without auth checks
High severity taint flows
Unsanitized paths in taint flows
Use of unserialize function
Past medium vulnerability (Missing Auth)
Low capability check count

Vulnerabilities

fluXtore Funnel Builder Security Vulnerabilities

CVEs by Year

1 CVE in 2025

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-30929medium · 5.3Missing Authorization

fluXtore <= 1.6.0 - Missing Authorization

Jul 4, 2025 Patched in 1.6.3 (187d)

Code Analysis

Analyzed Mar 16, 2026

fluXtore Funnel Builder Code Analysis

Dangerous Functions

Raw SQL Queries

12 prepared

Unescaped Output

298 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserializeif (is_string($value) && unserialize($value) !== false) {core\admin\ajax\class-fluxtore-ajax-steps.php:89

unserialize$value = unserialize($value);core\admin\ajax\class-fluxtore-ajax-steps.php:90

unserializeif (is_string($v) && unserialize($v) !== false) {core\admin\ajax\class-fluxtore-ajax-steps.php:93

unserialize$value[$i] = unserialize($v);core\admin\ajax\class-fluxtore-ajax-steps.php:94

unserialize$steps = unserialize($page_meta['__fluxtore__steps'][0]);core\bricks\element-bricks-next-step-block.php:130

unserialize$steps = unserialize($page_meta['__fluxtore__steps'][0]);core\divi\includes\modules\NextStepButton\NextStepButton.php:176

unserialize$steps = unserialize($page_meta['__fluxtore__steps'][0]);core\gutenberg\upsell-downsell-blocks.php:400

SQL Query Safety

80% prepared15 total queries

Output Escaping

90% escaped332 total outputs

Data Flows

9 unsanitized

Data Flow Analysis

11 flows9 with unsanitized paths

<class-fluxtore-override-woocommerce> (core\frontend\class-fluxtore-override-woocommerce.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

12 unprotected

fluXtore Funnel Builder Attack Surface

Entry Points24

Unprotected12

AJAX Handlers 22

authwp_ajax_import_funnel_datacore\admin\ajax\class-fluxtore-ajax-funnels.php:30

noprivwp_ajax_import_funnel_datacore\admin\ajax\class-fluxtore-ajax-funnels.php:31

authwp_ajax_upload_funnel_jsoncore\admin\ajax\class-fluxtore-ajax-funnels.php:33

noprivwp_ajax_upload_funnel_jsoncore\admin\ajax\class-fluxtore-ajax-funnels.php:34

authwp_ajax_save_custom_fieldscore\admin\ajax\class-fluxtore-ajax-order-bumps.php:28

noprivwp_ajax_save_custom_fieldscore\admin\ajax\class-fluxtore-ajax-order-bumps.php:29

authwp_ajax_save_custom_fields1core\admin\ajax\class-fluxtore-ajax-order-bumps.php:31

noprivwp_ajax_save_custom_fields1core\admin\ajax\class-fluxtore-ajax-order-bumps.php:32

authwp_ajax_response_get_formcore\admin\ajax\class-fluxtore-ajax-order-bumps.php:34

noprivwp_ajax_response_get_formcore\admin\ajax\class-fluxtore-ajax-order-bumps.php:35

authwp_ajax_fluxtore_add_bump_productcore\frontend\class-fluxtore-order-bump.php:28

noprivwp_ajax_fluxtore_add_bump_productcore\frontend\class-fluxtore-order-bump.php:29

authwp_ajax_fluxtore_remove_bump_productcore\frontend\class-fluxtore-order-bump.php:31

noprivwp_ajax_fluxtore_remove_bump_productcore\frontend\class-fluxtore-order-bump.php:32

authwp_ajax_fluxtore_add_bump_product_allcore\frontend\class-fluxtore-order-bump.php:34

noprivwp_ajax_fluxtore_add_bump_product_allcore\frontend\class-fluxtore-order-bump.php:35

authwp_ajax_my_ajax_actioncore\settings\class-fluxtore-default-editor.php:25

noprivwp_ajax_my_ajax_actioncore\settings\class-fluxtore-default-editor.php:26

authwp_ajax_get_default_editiorcore\settings\class-fluxtore-default-editor.php:28

noprivwp_ajax_get_default_editiorcore\settings\class-fluxtore-default-editor.php:29

authwp_ajax_check_elementor_plugincore\settings\class-fluxtore-default-editor.php:31

noprivwp_ajax_check_elementor_plugincore\settings\class-fluxtore-default-editor.php:32

Shortcodes 2

[fluxtore-checkout-block] core\frontend\class-fluxtore-shortcodes.php:25

[render-yes-block] core\frontend\class-fluxtore-shortcodes.php:26

WordPress Hooks 85

actioninitcore\admin\ajax\class-fluxtore-ajax-funnels.php:28

actionadmin_enqueue_scriptscore\admin\class-fluxtore-admin-assets.php:25

actionadmin_bar_menucore\admin\class-fluxtore-admin-bar.php:25

actionelementor/editor/after_enqueue_scriptscore\admin\class-fluxtore-admin-bar.php:26

actionadmin_bar_menucore\admin\class-fluxtore-admin-bar.php:27

actionadmin_footercore\admin\class-fluxtore-admin-bar.php:28

filterwoocommerce_components_settingscore\admin\class-fluxtore-admin-menu.php:39

filterwoocommerce_admin_shared_settingscore\admin\class-fluxtore-admin-menu.php:41

filterwoocommerce_admin_rest_controllerscore\admin\class-fluxtore-admin-menu.php:43

filterwoocommerce_data_storescore\admin\class-fluxtore-admin-menu.php:44

actionadmin_menucore\admin\class-fluxtore-admin-menu.php:57

actionadmin_initcore\admin\class-fluxtore-update-notice.php:30

actionadmin_noticescore\admin\class-fluxtore-update-notice.php:31

actionadmin_noticescore\admin\utilities\class-fluxtore-gateway-dependencies.php:28

filterwoocommerce_admin_billing_fieldscore\admin\woocommerce\class-fluxtore-order-details.php:27

filterwoocommerce_admin_shipping_fieldscore\admin\woocommerce\class-fluxtore-order-details.php:28

actionafter_setup_themecore\bricks\class-fluxtore-bricks-integration.php:25

filterbricks/builder/post_typescore\bricks\class-fluxtore-bricks-integration.php:43

actionwp_enqueue_scriptscore\bricks\class-fluxtore-bricks-integration.php:44

actioninitcore\class-fluxtore-loader.php:42

actionadmin_enqueue_scriptscore\class-fluxtore-loader.php:43

actionwp_enqueue_scriptscore\class-fluxtore-loader.php:44

actioncurrent_screencore\class-fluxtore-loader.php:45

actionadmin_bar_menucore\class-fluxtore-loader.php:46

actionelementor/initcore\class-fluxtore-loader.php:378

actionplugins_loadedcore\class-fluxtore-loader.php:385

actiondivi_extensions_initcore\divi\class-fluxtore-divi-integration.php:25

actionadmin_initcore\divi\class-fluxtore-divi-integration.php:26

actionfluxtore/after_import_funnelcore\elementor\class-fluxtore-el-css-regenerator.php:19

actionwpcore\elementor\class-fluxtore-el-css-regenerator.php:20

actionelementor/elements/categories_registeredcore\elementor\class-fluxtore-el-widgets-loader.php:39

actionelementor/widgets/widgets_registeredcore\elementor\class-fluxtore-el-widgets-loader.php:42

filterfluxtore_enable_widget_for_postcore\elementor\class-fluxtore-el-widgets-loader.php:123

filterfluxtore_enable_widgetcore\elementor\class-fluxtore-el-widgets-loader.php:140

filterwoocommerce_form_fieldcore\elementor\widgets\class-fluxtore-el-checkout.php:130

filterwoocommerce_billing_fieldscore\elementor\widgets\class-fluxtore-el-checkout.php:131

filterwoocommerce_shipping_fieldscore\elementor\widgets\class-fluxtore-el-checkout.php:132

actionfluxtore_before_checkoutcore\frontend\checkout\class-fluxtore-checkout-gateways.php:28

actionwp_headcore\frontend\class-fluxtore-facebook-pixel.php:57

actionwoocommerce_thankyoucore\frontend\class-fluxtore-facebook-pixel.php:58

actionwp_enqueue_scriptscore\frontend\class-fluxtore-frontend-assets.php:25

actionadmin_enqueue_scriptscore\frontend\class-fluxtore-frontend-assets.php:26

actionwp_headcore\frontend\class-fluxtore-google-analytics.php:57

actionwoocommerce_thankyoucore\frontend\class-fluxtore-google-analytics.php:58

filtertemplate_includecore\frontend\class-fluxtore-load-template.php:36

actionwoocommerce_cart_loaded_from_sessioncore\frontend\class-fluxtore-order-bump.php:37

filterwoocommerce_add_cart_item_datacore\frontend\class-fluxtore-order-bump.php:39

actionwoocommerce_before_calculate_totalscore\frontend\class-fluxtore-order-bump.php:40

actionthe_postcore\frontend\class-fluxtore-override-woocommerce.php:84

actionwoocommerce_initcore\frontend\class-fluxtore-override-woocommerce.php:85

filterwoocommerce_locate_templatecore\frontend\class-fluxtore-override-woocommerce.php:87

actionwpcore\frontend\class-fluxtore-override-woocommerce.php:88

filterwoocommerce_is_checkoutcore\frontend\class-fluxtore-override-woocommerce.php:91

actionwoocommerce_before_calculate_totalscore\frontend\class-fluxtore-override-woocommerce.php:94

actionwoocommerce_checkout_create_ordercore\frontend\class-fluxtore-override-woocommerce.php:97

actiontemplate_redirectcore\frontend\class-fluxtore-override-woocommerce.php:98

filterwoocommerce_billing_fieldscore\frontend\class-fluxtore-override-woocommerce.php:103

filterwoocommerce_shipping_fieldscore\frontend\class-fluxtore-override-woocommerce.php:104

filterwoocommerce_get_country_locale_defaultcore\frontend\class-fluxtore-override-woocommerce.php:105

actionwoocommerce_checkout_update_order_metacore\frontend\class-fluxtore-override-woocommerce.php:107

filterwoocommerce_enable_order_notes_fieldcore\frontend\class-fluxtore-override-woocommerce.php:446

actionwoocommerce_initcore\frontend\class-fluxtore-override-woocommerce.php:462

actionpre_get_postscore\frontend\class-fluxtore-steps-as-frontpage.php:33

actiontemplate_redirectcore\frontend\class-fluxtore-steps-as-frontpage.php:34

filterwp_dropdown_pagescore\frontend\class-fluxtore-steps-as-frontpage.php:37

actioninitcore\gutenberg\upsell-downsell-blocks.php:34

actionenqueue_block_editor_assetscore\gutenberg\upsell-downsell-blocks.php:84

filterwoocommerce_form_fieldcore\gutenberg\upsell-downsell-blocks.php:167

filterwoocommerce_billing_fieldscore\gutenberg\upsell-downsell-blocks.php:168

filterwoocommerce_shipping_fieldscore\gutenberg\upsell-downsell-blocks.php:169

actionfluxtore_initcore\runners\class-fluxtore-analytics-benchmark.php:21

filtercron_schedulescore\runners\class-fluxtore-analytics-benchmark.php:22

actionfluxtore_step_before_rendercore\runners\class-fluxtore-tracker.php:36

actionfluxtore_register_optionscore\settings\class-fluxtore-analytics-settings.php:22

actionfluxtore_register_optionscore\settings\class-fluxtore-data-persistence.php:29

actiondeactivated_plugincore\settings\class-fluxtore-default-editor.php:34

actionfluxtore_register_optionscore\settings\class-fluxtore-facebook-pixel-settings.php:33

actionfluxtore_register_optionscore\settings\class-fluxtore-gateway-settings.php:37

actionfluxtore_register_optionscore\settings\class-fluxtore-google-analytics-settings.php:31

actionfluxtore_register_optionscore\settings\class-fluxtore-url-rewriter.php:29

actionfluxtore_register_optionscore\settings\class-fluxtore-users-generic.php:28

actionadmin_noticescore\utilities\class-fluxtore-dependencies.php:38

filterbricks/elements/categoriesfluxtore.php:101

actioninitfluxtore.php:110

filterbricks/elements/registerfluxtore.php:132

Maintenance & Trust

fluXtore Funnel Builder Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 10, 2026

PHP min version7.4

Downloads7K

Community Trust

Rating100/100

Number of ratings4

Active installs100

Alternatives

fluXtore Funnel Builder Alternatives

FunnelKit – Funnel Builder for WooCommerce Checkout

funnel-builder

Create high-converting WooCommerce checkout pages, WooCommerce thank you pages & sales funnels with the highest-rated WordPress funnel builder.

40K 12 CVEs

Essential Addons for Elementor – Popular Elementor Templates & Widgets

essential-addons-for-elementor-lite

Elementor addon offering 110+ widgets and templates — Elementor Gallery, Slider, Form, Post Grid, Menu, Accordion, WooCommerce & more.

2.0M 56 CVEs

CartFlows – Funnel Builder & Checkout Plugin for WooCommerce

cartflows

1 WordPress funnel builder & WooCommerce checkout plugin. Boost AOV with one-click upsells, order bumps & high-converting checkout pages.

200K 6 CVEs

ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution

shopengine

WooCommerce builder for Elementor and Gutenberg. It offers product templates, product sliders, shopping cart, quick view, Woo wishlist, product filter …

90K 4 CVEs

ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin

woolentor-addons

ShopLentor – More than a WooCommerce builder. A complete growth plugin to boost conversions, UX, and sales for your store.

90K 24 CVEs

Developer Profile

fluXtore Funnel Builder Developer Profile

amazewp

1 plugin · 100 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

187 days

View full developer profile

Detection Fingerprints

How We Detect fluXtore Funnel Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/fluxtore/assets/admin-script.js/wp-content/plugins/fluxtore/assets/js/vendor/sweetalert.min.js

Script Paths